author | Jelmer Vernooij <jelmer@samba.org> | 2008-06-05 22:03:17 +0200 |
---|---|---|
committer | Jelmer Vernooij <jelmer@samba.org> | 2008-06-05 22:03:17 +0200 |
commit | d51904c48970265e84c303ae97502152b85da587 (patch) | |
tree | dfb75ae9712bac4ab6e25bd3bb3d79b6465685f0 /source4/lib/crypto | |
parent | d05ca8cbba364b65780d35a32495d6388bc3caa8 (diff) | |
parent | c6cc3cb88ec271da6c372ec881ea66ab8f6e2b68 (diff) | |
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-test
(This used to be commit dcdfee611ccc0ae798e3eea2cfdf3c7642dc5677)
Diffstat (limited to 'source4/lib/crypto')
-rw-r--r-- | source4/lib/crypto/config.mk | 5 | ||||
-rw-r--r-- | source4/lib/crypto/crypto.h | 4 | ||||
-rw-r--r-- | source4/lib/crypto/hmacsha1test.c | 97 | ||||
-rw-r--r-- | source4/lib/crypto/hmacsha256.c (renamed from source4/lib/crypto/hmacsha1.c) | 53 | ||||
-rw-r--r-- | source4/lib/crypto/hmacsha256.h (renamed from source4/lib/crypto/hmacsha1.h) | 25 | ||||
-rw-r--r-- | source4/lib/crypto/sha1.c | 390 | ||||
-rw-r--r-- | source4/lib/crypto/sha1.h | 62 | ||||
-rw-r--r-- | source4/lib/crypto/sha1test.c | 110 | ||||
-rw-r--r-- | source4/lib/crypto/sha256.c | 234 | ||||
-rw-r--r-- | source4/lib/crypto/sha256.h | 91 |
10 files changed, 373 insertions, 698 deletions
diff --git a/source4/lib/crypto/config.mk b/source4/lib/crypto/config.mk index b9a7f7cb9e..ee111bd088 100644 --- a/source4/lib/crypto/config.mk +++ b/source4/lib/crypto/config.mk @@ -6,14 +6,13 @@ LIBCRYPTO_OBJ_FILES = $(addprefix $(libcryptosrcdir)/, \ crc32.o md5.o hmacmd5.o md4.o \ - arcfour.o sha1.o hmacsha1.o) - + arcfour.o sha256.o hmacsha256.o) [MODULE::TORTURE_LIBCRYPTO] SUBSYSTEM = smbtorture PRIVATE_DEPENDENCIES = LIBCRYPTO TORTURE_LIBCRYPTO_OBJ_FILES = $(addprefix $(libcryptosrcdir)/, \ - md4test.o md5test.o hmacmd5test.o sha1test.o hmacsha1test.o) + md4test.o md5test.o hmacmd5test.o) $(eval $(call proto_header_template,$(libcryptosrcdir)/test_proto.h,$(TORTURE_LIBCRYPTO_OBJ_FILES:.o=.c))) diff --git a/source4/lib/crypto/crypto.h b/source4/lib/crypto/crypto.h index 10e2258fa7..fc283f72ba 100644 --- a/source4/lib/crypto/crypto.h +++ b/source4/lib/crypto/crypto.h @@ -21,8 +21,8 @@ #include "lib/crypto/md4.h" #include "lib/crypto/md5.h" #include "lib/crypto/hmacmd5.h" -#include "lib/crypto/sha1.h" -#include "lib/crypto/hmacsha1.h" +#include "lib/crypto/sha256.h" +#include "lib/crypto/hmacsha256.h" struct arcfour_state { uint8_t sbox[256]; diff --git a/source4/lib/crypto/hmacsha1test.c b/source4/lib/crypto/hmacsha1test.c deleted file mode 100644 index 6e53124d21..0000000000 --- a/source4/lib/crypto/hmacsha1test.c +++ /dev/null 
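Review bot: In the config.mk hunk, TORTURE_LIBCRYPTO_OBJ_FILES loses `sha1test.o hmacsha1test.o` and gains nothing for the new `sha256.o` / `hmacsha256.o`, so the replacement hash and HMAC enter the library with no known-answer tests in the torture suite. The new SHA256_Update has an endian-dependent byte-swap path, which is exactly what fixed vectors catch. I would add two new test files that mirror the deleted RFC 2202 test, using the FIPS 180-2 SHA-256 vectors and the RFC 4231 HMAC-SHA-256 vectors. The list would then read `md4test.o md5test.o hmacmd5test.o sha256test.o hmacsha256test.o)`, where both file names are new ones proposed here.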
@@ -1,97 +0,0 @@ -/* - Unix SMB/CIFS implementation. - HMAC SHA-1 tests - Copyright (C) Stefan Metzmacher - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ -#include "includes.h" -#include "lib/crypto/crypto.h" - -struct torture_context; - -static DATA_BLOB data_blob_repeat_byte(uint8_t byte, size_t length) -{ - DATA_BLOB b = data_blob(NULL, length); - memset(b.data, byte, length); - return b; -} - -/* - This uses the test values from rfc2202 -*/ -bool torture_local_crypto_hmacsha1(struct torture_context *torture) -{ - bool ret = true; - uint32_t i; - struct { - DATA_BLOB key; - DATA_BLOB data; - DATA_BLOB sha1; - } testarray[7]; - - testarray[0].key = data_blob_repeat_byte(0x0b, 20); - testarray[0].data = data_blob_string_const("Hi There"); - testarray[0].sha1 = strhex_to_data_blob("b617318655057264e28bc0b6fb378c8ef146be00"); - - testarray[1].key = data_blob_string_const("Jefe"); - testarray[1].data = data_blob_string_const("what do ya want for nothing?"); - testarray[1].sha1 = strhex_to_data_blob("effcdf6ae5eb2fa2d27416d5f184df9c259a7c79"); - - testarray[2].key = data_blob_repeat_byte(0xaa, 20); - testarray[2].data = data_blob_repeat_byte(0xdd, 50); - testarray[2].sha1 = strhex_to_data_blob("125d7342b9ac11cd91a39af48aa17b4f63f175d3"); - - testarray[3].key = strhex_to_data_blob("0102030405060708090a0b0c0d0e0f10111213141516171819"); - testarray[3].data = data_blob_repeat_byte(0xcd, 50); - 
testarray[3].sha1 = strhex_to_data_blob("4c9007f4026250c6bc8414f9bf50c86c2d7235da"); - - testarray[4].key = data_blob_repeat_byte(0x0c, 20); - testarray[4].data = data_blob_string_const("Test With Truncation"); - testarray[4].sha1 = strhex_to_data_blob("4c1a03424b55e07fe7f27be1d58bb9324a9a5a04"); - /* sha1-96 = 0x4c1a03424b55e07fe7f27be1 */ - - testarray[5].key = data_blob_repeat_byte(0xaa, 80); - testarray[5].data = data_blob_string_const("Test Using Larger Than Block-Size Key - Hash Key First"); - testarray[5].sha1 = strhex_to_data_blob("aa4ae5e15272d00e95705637ce8a3b55ed402112"); - - testarray[6].key = data_blob_repeat_byte(0xaa, 80); - testarray[6].data = data_blob_string_const("Test Using Larger Than Block-Size Key " - "and Larger Than One Block-Size Data"); - testarray[6].sha1 = strhex_to_data_blob("e8e99d0f45237d786d6bbaa7965c7808bbff1a91"); - - for (i=0; i < ARRAY_SIZE(testarray); i++) { - struct HMACSHA1Context ctx; - uint8_t sha1[SHA1HashSize]; - int e; - - hmac_sha1_init(testarray[i].key.data, testarray[i].key.length, &ctx); - hmac_sha1_update(testarray[i].data.data, testarray[i].data.length, &ctx); - hmac_sha1_final(sha1, &ctx); - - e = memcmp(testarray[i].sha1.data, - sha1, - MIN(testarray[i].sha1.length, sizeof(sha1))); - if (e != 0) { - printf("hmacsha1 test[%u]: failed\n", i); - dump_data(0, testarray[i].key.data, testarray[i].key.length); - dump_data(0, testarray[i].data.data, testarray[i].data.length); - dump_data(0, testarray[i].sha1.data, testarray[i].sha1.length); - dump_data(0, sha1, sizeof(sha1)); - ret = false; - } - } - - return ret; -} diff --git a/source4/lib/crypto/hmacsha1.c b/source4/lib/crypto/hmacsha256.c index 21ce966f60..6b0af9ee83 100644 --- a/source4/lib/crypto/hmacsha1.c +++ b/source4/lib/crypto/hmacsha256.c 
@@ -1,7 +1,12 @@ /* Unix SMB/CIFS implementation. - Interface header: HMAC SHA-1 code - Copyright (C) Stefan Metzmacher + + Interface header: HMAC SHA-256 code + + Copyright (C) Andrew Tridgell 2008 + + based in hmacsha1.c which is: + Copyright (C) Stefan Metzmacher This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -25,24 +30,24 @@ #include "lib/crypto/crypto.h" /*********************************************************************** - the rfc 2104/2202 version of hmac_sha1 initialisation. + the rfc 2104/2202 version of hmac_sha256 initialisation. ***********************************************************************/ -_PUBLIC_ void hmac_sha1_init(const uint8_t *key, size_t key_len, struct HMACSHA1Context *ctx) +_PUBLIC_ void hmac_sha256_init(const uint8_t *key, size_t key_len, struct HMACSHA256Context *ctx) { int i; - uint8_t tk[SHA1HashSize]; + uint8_t tk[SHA256_DIGEST_LENGTH]; - /* if key is longer than 64 bytes reset it to key=MD5(key) */ + /* if key is longer than 64 bytes reset it to key=HASH(key) */ if (key_len > 64) { - struct SHA1Context tctx; + SHA256_CTX tctx; - SHA1Init(&tctx); - SHA1Update(&tctx, key, key_len); - SHA1Final(tk, &tctx); + SHA256_Init(&tctx); + SHA256_Update(&tctx, key, key_len); + SHA256_Final(tk, &tctx); key = tk; - key_len = SHA1HashSize; + key_len = SHA256_DIGEST_LENGTH; } /* start out by storing key in pads */ 
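Review bot: In hmac_sha256_init the stack buffer `tk` receives SHA256(key) whenever `key_len > 64`, and neither this hunk nor the next one clears it or `tctx` before returning, so key-equivalent material is left behind on the stack. The body continues outside this hunk, where `key` still points at `tk` while the pads are filled, so the wipe belongs at the very end of the function, after `SHA256_Update(&ctx->ctx, ctx->k_ipad, 64);`, for example `memset(tk, 0, sizeof(tk));`. Use whatever non-elidable clearing primitive the tree has, since a plain memset of a dead local may be optimised away. hmac_sha256_final in the following hunk has the same gap: `ctx_o` and the caller's `ctx->k_ipad` / `ctx->k_opad` survive after the digest is produced.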
@@ -58,29 +63,29 @@ _PUBLIC_ void hmac_sha1_init(const uint8_t *key, size_t key_len, struct HMACSHA1 ctx->k_opad[i] ^= 0x5c; } - SHA1Init(&ctx->ctx); - SHA1Update(&ctx->ctx, ctx->k_ipad, 64); + SHA256_Init(&ctx->ctx); + SHA256_Update(&ctx->ctx, ctx->k_ipad, 64); } /*********************************************************************** - update hmac_sha1 "inner" buffer + update hmac_sha256 "inner" buffer ***********************************************************************/ -_PUBLIC_ void hmac_sha1_update(const uint8_t *data, size_t data_len, struct HMACSHA1Context *ctx) +_PUBLIC_ void hmac_sha256_update(const uint8_t *data, size_t data_len, struct HMACSHA256Context *ctx) { - SHA1Update(&ctx->ctx, data, data_len); /* then text of datagram */ + SHA256_Update(&ctx->ctx, data, data_len); /* then text of datagram */ } /*********************************************************************** - finish off hmac_sha1 "inner" buffer and generate outer one. + finish off hmac_sha256 "inner" buffer and generate outer one. ***********************************************************************/ -_PUBLIC_ void hmac_sha1_final(uint8_t digest[SHA1HashSize], struct HMACSHA1Context *ctx) +_PUBLIC_ void hmac_sha256_final(uint8_t digest[SHA256_DIGEST_LENGTH], struct HMACSHA256Context *ctx) { - struct SHA1Context ctx_o; + SHA256_CTX ctx_o; - SHA1Final(digest, &ctx->ctx); + SHA256_Final(digest, &ctx->ctx); - SHA1Init(&ctx_o); - SHA1Update(&ctx_o, ctx->k_opad, 64); - SHA1Update(&ctx_o, digest, SHA1HashSize); - SHA1Final(digest, &ctx_o); + SHA256_Init(&ctx_o); + SHA256_Update(&ctx_o, ctx->k_opad, 64); + SHA256_Update(&ctx_o, digest, SHA256_DIGEST_LENGTH); + SHA256_Final(digest, &ctx_o); } diff --git a/source4/lib/crypto/hmacsha1.h b/source4/lib/crypto/hmacsha256.h index 0638c66d53..8960c636c1 100644 --- a/source4/lib/crypto/hmacsha1.h +++ b/source4/lib/crypto/hmacsha256.h 
@@ -1,7 +1,13 @@ /* Unix SMB/CIFS implementation. - Interface header: HMAC SHA1 code - Copyright (C) Stefan Metzmacher 2006 + + Interface header: HMAC SHA256 code + + Copyright (C) Andrew Tridgell 2008 + + based on hmacsha1.h which is: + + Copyright (C) Stefan Metzmacher 2006 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,17 +23,16 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#ifndef _HMAC_SHA1_H +#ifndef _HMAC_SHA256_H -struct HMACSHA1Context { - struct SHA1Context ctx; +struct HMACSHA256Context { + SHA256_CTX ctx; uint8_t k_ipad[65]; uint8_t k_opad[65]; - }; -void hmac_sha1_init(const uint8_t *key, size_t key_len, struct HMACSHA1Context *ctx); -void hmac_sha1_update(const uint8_t *data, size_t data_len, struct HMACSHA1Context *ctx); -void hmac_sha1_final(uint8_t digest[20], struct HMACSHA1Context *ctx); +void hmac_sha256_init(const uint8_t *key, size_t key_len, struct HMACSHA256Context *ctx); +void hmac_sha256_update(const uint8_t *data, size_t data_len, struct HMACSHA256Context *ctx); +void hmac_sha256_final(uint8_t digest[20], struct HMACSHA256Context *ctx); -#endif /* _HMAC_SHA1_H */ +#endif /* _HMAC_SHA256_H */ diff --git a/source4/lib/crypto/sha1.c b/source4/lib/crypto/sha1.c deleted file mode 100644 index 1b91f8a949..0000000000 --- a/source4/lib/crypto/sha1.c +++ /dev/null 
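Review bot: The prototype at the end of the second hunk still reads `void hmac_sha256_final(uint8_t digest[20], struct HMACSHA256Context *ctx);`, while the definition in hmacsha256.c takes `digest[SHA256_DIGEST_LENGTH]` and SHA256_Final writes 32 bytes. The compiler does not enforce an array bound on a parameter, so a caller that sizes its buffer from this header, or was ported from hmac_sha1_final, gets a 12-byte overrun. Change the declaration to `void hmac_sha256_final(uint8_t digest[SHA256_DIGEST_LENGTH], struct HMACSHA256Context *ctx);`. Separately, `#ifndef _HMAC_SHA256_H` has no matching `#define _HMAC_SHA256_H` in the lines shown, so the guard does not prevent a second inclusion from redefining the struct.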
@@ -1,390 +0,0 @@ -/* - This file contains the reference implementation of SHA-1 - from http://www.ietf.org/rfc/rfc3174.txt -*/ -/* - * sha1.c - * - * Description: - * This file implements the Secure Hashing Algorithm 1 as - * defined in FIPS PUB 180-1 published April 17, 1995. - * - * The SHA-1, produces a 160-bit message digest for a given - * data stream. It should take about 2**n steps to find a - * message with the same digest as a given message and - * 2**(n/2) to find any two messages with the same digest, - * when n is the digest size in bits. Therefore, this - * algorithm can serve as a means of providing a - * "fingerprint" for a message. - * - * Portability Issues: - * SHA-1 is defined in terms of 32-bit "words". This code - * uses <stdint.h> (included via "sha1.h" to define 32 and 8 - * bit unsigned integer types. If your C compiler does not - * support 32 bit unsigned integers, this code is not - * appropriate. - * - * Caveats: - * SHA-1 is designed to work with messages less than 2^64 bits - * long. Although SHA-1 allows a message digest to be generated - * for messages of any number of bits less than 2^64, this - * implementation only works with messages with a length that is - * a multiple of the size of an 8-bit character. - * - */ - -#include "includes.h" - -#include "sha1.h" - -/* - * Define the SHA1 circular left shift macro - */ -#define SHA1CircularShift(bits,word) \ - (((word) << (bits)) | ((word) >> (32-(bits)))) - -/* Local Function Prototyptes */ -static void SHA1PadMessage(struct SHA1Context *); -static void SHA1ProcessMessageBlock(struct SHA1Context *); - -/* - * SHA1Init (SHA1Reset in the rfc) - * - * Description: - * This function will initialize the SHA1Context in preparation - * for computing a new SHA1 message digest. - * - * Parameters: - * context: [in/out] - * The context to reset. - * - * Returns: - * sha Error Code. 
- * - */ -int SHA1Init(struct SHA1Context *context) -{ - if (!context) - { - return shaNull; - } - - context->Length_Low = 0; - context->Length_High = 0; - context->Message_Block_Index = 0; - - context->Intermediate_Hash[0] = 0x67452301; - context->Intermediate_Hash[1] = 0xEFCDAB89; - context->Intermediate_Hash[2] = 0x98BADCFE; - context->Intermediate_Hash[3] = 0x10325476; - context->Intermediate_Hash[4] = 0xC3D2E1F0; - - context->Computed = 0; - context->Corrupted = 0; - - return shaSuccess; -} - -/* - * SHA1Final (SHA1Result in the rfc) - * - * Description: - * This function will return the 160-bit message digest into the - * Message_Digest array provided by the caller. - * NOTE: The first octet of hash is stored in the 0th element, - * the last octet of hash in the 19th element. - * - * Parameters: - * context: [in/out] - * The context to use to calculate the SHA-1 hash. - * Message_Digest: [out] - * Where the digest is returned. - * - * Returns: - * sha Error Code. - * - */ -int SHA1Final(uint8_t Message_Digest[SHA1HashSize], - struct SHA1Context *context) -{ - int i; - - if (!context || !Message_Digest) - { - return shaNull; - } - - if (context->Corrupted) - { - return context->Corrupted; - } - - if (!context->Computed) - { - SHA1PadMessage(context); - for(i=0; i<64; ++i) - { - /* message may be sensitive, clear it out */ - context->Message_Block[i] = 0; - } - context->Length_Low = 0; /* and clear length */ - context->Length_High = 0; - context->Computed = 1; - } - - for(i = 0; i < SHA1HashSize; ++i) - { - Message_Digest[i] = context->Intermediate_Hash[i>>2] - >> 8 * ( 3 - ( i & 0x03 ) ); - } - - return shaSuccess; -} - -/* - * SHA1Update (SHA1Input in the rfc) - * - * Description: - * This function accepts an array of octets as the next portion - * of the message. - * - * Parameters: - * context: [in/out] - * The SHA context to update - * message_array: [in] - * An array of characters representing the next portion of - * the message. 
- * length: [in] - * The length of the message in message_array - * - * Returns: - * sha Error Code. - * - */ -int SHA1Update(struct SHA1Context *context, - const uint8_t *message_array, - size_t length) -{ - if (!length) - { - return shaSuccess; - } - - if (!context || !message_array) - { - return shaNull; - } - - if (context->Computed) - { - context->Corrupted = shaStateError; - return shaStateError; - } - - if (context->Corrupted) - { - return context->Corrupted; - } - while(length-- && !context->Corrupted) - { - context->Message_Block[context->Message_Block_Index++] = - (*message_array & 0xFF); - - context->Length_Low += 8; - if (context->Length_Low == 0) - { - context->Length_High++; - if (context->Length_High == 0) - { - /* Message is too long */ - context->Corrupted = 1; - } - } - - if (context->Message_Block_Index == 64) - { - SHA1ProcessMessageBlock(context); - } - - message_array++; - } - - return shaSuccess; -} - -/* - * SHA1ProcessMessageBlock - * - * Description: - * This function will process the next 512 bits of the message - * stored in the Message_Block array. - * - * Parameters: - * None. - * - * Returns: - * Nothing. - * - * Comments: - * Many of the variable names in this code, especially the - * single character names, were used because those were the - * names used in the publication. 
- * - * - */ -static void SHA1ProcessMessageBlock(struct SHA1Context *context) -{ - const uint32_t K[] = { /* Constants defined in SHA-1 */ - 0x5A827999, - 0x6ED9EBA1, - 0x8F1BBCDC, - 0xCA62C1D6 - }; - int t; /* Loop counter */ - uint32_t temp; /* Temporary word value */ - uint32_t W[80]; /* Word sequence */ - uint32_t A, B, C, D, E; /* Word buffers */ - - /* - * Initialize the first 16 words in the array W - */ - for(t = 0; t < 16; t++) - { - W[t] = context->Message_Block[t * 4] << 24; - W[t] |= context->Message_Block[t * 4 + 1] << 16; - W[t] |= context->Message_Block[t * 4 + 2] << 8; - W[t] |= context->Message_Block[t * 4 + 3]; - } - - for(t = 16; t < 80; t++) - { - W[t] = SHA1CircularShift(1,W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16]); - } - - A = context->Intermediate_Hash[0]; - B = context->Intermediate_Hash[1]; - C = context->Intermediate_Hash[2]; - D = context->Intermediate_Hash[3]; - E = context->Intermediate_Hash[4]; - - for(t = 0; t < 20; t++) - { - temp = SHA1CircularShift(5,A) + - ((B & C) | ((~B) & D)) + E + W[t] + K[0]; - E = D; - D = C; - C = SHA1CircularShift(30,B); - B = A; - A = temp; - } - - for(t = 20; t < 40; t++) - { - temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[1]; - E = D; - D = C; - C = SHA1CircularShift(30,B); - B = A; - A = temp; - } - - for(t = 40; t < 60; t++) - { - temp = SHA1CircularShift(5,A) + - ((B & C) | (B & D) | (C & D)) + E + W[t] + K[2]; - E = D; - D = C; - C = SHA1CircularShift(30,B); - B = A; - A = temp; - } - - for(t = 60; t < 80; t++) - { - temp = SHA1CircularShift(5,A) + (B ^ C ^ D) + E + W[t] + K[3]; - E = D; - D = C; - C = SHA1CircularShift(30,B); - B = A; - A = temp; - } - - context->Intermediate_Hash[0] += A; - context->Intermediate_Hash[1] += B; - context->Intermediate_Hash[2] += C; - context->Intermediate_Hash[3] += D; - context->Intermediate_Hash[4] += E; - - context->Message_Block_Index = 0; -} - - -/* - * SHA1PadMessage - * - * Description: - * According to the standard, the message must be padded to an 
even - * 512 bits. The first padding bit must be a '1'. The last 64 - * bits represent the length of the original message. All bits in - * between should be 0. This function will pad the message - * according to those rules by filling the Message_Block array - * accordingly. It will also call the ProcessMessageBlock function - * provided appropriately. When it returns, it can be assumed that - * the message digest has been computed. - * - * Parameters: - * context: [in/out] - * The context to pad - * ProcessMessageBlock: [in] - * The appropriate SHA*ProcessMessageBlock function - * Returns: - * Nothing. - * - */ - -static void SHA1PadMessage(struct SHA1Context *context) -{ - /* - * Check to see if the current message block is too small to hold - * the initial padding bits and length. If so, we will pad the - * block, process it, and then continue padding into a second - * block. - */ - if (context->Message_Block_Index > 55) - { - context->Message_Block[context->Message_Block_Index++] = 0x80; - while(context->Message_Block_Index < 64) - { - context->Message_Block[context->Message_Block_Index++] = 0; - } - - SHA1ProcessMessageBlock(context); - - while(context->Message_Block_Index < 56) - { - context->Message_Block[context->Message_Block_Index++] = 0; - } - } - else - { - context->Message_Block[context->Message_Block_Index++] = 0x80; - while(context->Message_Block_Index < 56) - { - context->Message_Block[context->Message_Block_Index++] = 0; - } - } - - /* - * Store the message length as the last 8 octets - */ - context->Message_Block[56] = context->Length_High >> 24; - context->Message_Block[57] = context->Length_High >> 16; - context->Message_Block[58] = context->Length_High >> 8; - context->Message_Block[59] = context->Length_High; - context->Message_Block[60] = context->Length_Low >> 24; - context->Message_Block[61] = context->Length_Low >> 16; - context->Message_Block[62] = context->Length_Low >> 8; - context->Message_Block[63] = context->Length_Low; - - 
SHA1ProcessMessageBlock(context); -} diff --git a/source4/lib/crypto/sha1.h b/source4/lib/crypto/sha1.h deleted file mode 100644 index 4a2d448bfc..0000000000 --- a/source4/lib/crypto/sha1.h +++ /dev/null @@ -1,62 +0,0 @@ -/* - This file contains the reference implementation of SHA-1 - from http://www.ietf.org/rfc/rfc3174.txt -*/ -/* - * sha1.h - * - * Description: - * This is the header file for code which implements the Secure - * Hashing Algorithm 1 as defined in FIPS PUB 180-1 published - * April 17, 1995. - * - * Many of the variable names in this code, especially the - * single character names, were used because those were the names - * used in the publication. - * - * Please read the file sha1.c for more information. - * - */ -#ifndef _SHA1_H_ -#define _SHA1_H_ - -#ifndef _SHA_enum_ -#define _SHA_enum_ -enum -{ - shaSuccess = 0, - shaNull, /* Null pointer parameter */ - shaInputTooLong, /* input data too long */ - shaStateError /* called Input after Result */ -}; -#endif -#define SHA1HashSize 20 - -/* - * This structure will hold context information for the SHA-1 - * hashing operation - */ -struct SHA1Context -{ - uint32_t Intermediate_Hash[SHA1HashSize/4]; /* Message Digest */ - - uint32_t Length_Low; /* Message length in bits */ - uint32_t Length_High; /* Message length in bits */ - - /* Index into message block array */ - int16_t Message_Block_Index; - uint8_t Message_Block[64]; /* 512-bit message blocks */ - - int Computed; /* Is the digest computed? */ - int Corrupted; /* Is the message digest corrupted? */ -}; - -/* - * Function Prototypes - */ - -int SHA1Init(struct SHA1Context *); -int SHA1Update(struct SHA1Context *, const uint8_t *data, size_t data_len); -int SHA1Final(uint8_t Message_Digest[SHA1HashSize], struct SHA1Context *); - -#endif diff --git a/source4/lib/crypto/sha1test.c b/source4/lib/crypto/sha1test.c deleted file mode 100644 index 7777764277..0000000000 --- a/source4/lib/crypto/sha1test.c +++ /dev/null 
@@ -1,110 +0,0 @@ -/* - This file contains the reference implementation of SHA-1 - from http://www.ietf.org/rfc/rfc3174.txt -*/ -/* - * sha1test.c - * - * Description: - * This file will exercise the SHA-1 code performing the three - * tests documented in FIPS PUB 180-1 plus one which calls - * SHA1Input with an exact multiple of 512 bits, plus a few - * error test checks. - * - * Portability Issues: - * None. - * - */ - -#include "includes.h" -#include "torture/torture.h" - -#include "lib/crypto/crypto.h" - -struct torture_context; - -/* - * Define patterns for testing - */ -#define TEST1 "abc" -#define TEST2a "abcdbcdecdefdefgefghfghighijhi" -#define TEST2b "jkijkljklmklmnlmnomnopnopq" -#define TEST2 TEST2a TEST2b -#define TEST3 "a" -#define TEST4a "01234567012345670123456701234567" -#define TEST4b "01234567012345670123456701234567" - /* an exact multiple of 512 bits */ -#define TEST4 TEST4a TEST4b -static const char *testarray[4] = -{ - TEST1, - TEST2, - TEST3, - TEST4 -}; -static int repeatcount[4] = { 1, 1, 1000000, 10 }; -static const char *resultarray[4] = -{ - "A9 99 3E 36 47 06 81 6A BA 3E 25 71 78 50 C2 6C 9C D0 D8 9D ", - "84 98 3E 44 1C 3B D2 6E BA AE 4A A1 F9 51 29 E5 E5 46 70 F1 ", - "34 AA 97 3C D4 C4 DA A4 F6 1E EB 2B DB AD 27 31 65 34 01 6F ", - "DE A3 56 A2 CD DD 90 C7 A7 EC ED C5 EB B5 63 93 4F 46 04 52 " -}; - - -bool torture_local_crypto_sha1(struct torture_context *tctx) -{ - struct SHA1Context sha; - int i, j, err; - uint8_t Message_Digest[20]; - bool ret = true; - char tmp[60 + 10]; - - /* - * Perform SHA-1 tests - */ - for(j = 0; j < 4; ++j) - { - ZERO_STRUCT(tmp); - torture_comment(tctx, "Test %d: %d, '%s'\n", - j+1, - repeatcount[j], - testarray[j]); - - err = SHA1Init(&sha); - torture_assert_int_equal(tctx, err, 0, "SHA1Init Error"); - - for(i = 0; i < repeatcount[j]; ++i) - { - err = SHA1Update(&sha, - (const unsigned char *) testarray[j], - strlen(testarray[j])); - torture_assert_int_equal(tctx, err, 0, "SHA1Update Error"); - } - - err 
= SHA1Final(Message_Digest, &sha); - torture_assert_int_equal(tctx, err, 0, - "SHA1Result Error, could not compute message digest."); - torture_comment(tctx, "\t"); - for(i = 0; i < 20 ; ++i) - { - snprintf(tmp+(i*3), sizeof(tmp) - (i*3),"%02X ", Message_Digest[i]); - torture_comment(tctx, "%02X ", Message_Digest[i]); - } - torture_comment(tctx, "\n"); - torture_comment(tctx, "Should match:\n\t%s\n", resultarray[j]); - if (strcmp(resultarray[j], tmp) != 0) { - ret = false; - } - } - - /* Test some error returns */ - err = SHA1Update(&sha,(const unsigned char *) testarray[1], 1); - torture_assert_int_equal(tctx, err, shaStateError, "SHA1Update failed"); - err = SHA1Init(0); - torture_assert_int_equal(tctx, err, shaNull, "SHA1Init failed"); - - return true; -} - - diff --git a/source4/lib/crypto/sha256.c b/source4/lib/crypto/sha256.c new file mode 100644 index 0000000000..70fe7a3099 --- /dev/null +++ b/source4/lib/crypto/sha256.c 
@@ -0,0 +1,234 @@ +/* + based on heildal lib/hcrypto/sha256.c. Copied to lib/crypto to avoid a link + problem. Hopefully will be removed once we solve this link problem + + (tridge) + */ + +/* + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "includes.h" +#include "heimdal/lib/hcrypto/hash.h" +#include "sha256.h" + +#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) +#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) + +#define ROTR(x,n) (((x)>>(n)) | ((x) << (32 - (n)))) + +#define Sigma0(x) (ROTR(x,2) ^ ROTR(x,13) ^ ROTR(x,22)) +#define Sigma1(x) (ROTR(x,6) ^ ROTR(x,11) ^ ROTR(x,25)) +#define sigma0(x) (ROTR(x,7) ^ ROTR(x,18) ^ ((x)>>3)) +#define sigma1(x) (ROTR(x,17) ^ ROTR(x,19) ^ ((x)>>10)) + +#define A m->counter[0] +#define B m->counter[1] +#define C m->counter[2] +#define D m->counter[3] +#define E m->counter[4] +#define F m->counter[5] +#define G m->counter[6] +#define H m->counter[7] + +static const uint32_t constant_256[64] = { + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, + 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, + 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, + 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, + 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, + 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, + 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, + 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, + 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +}; + +void +SHA256_Init (SHA256_CTX *m) +{ + m->sz[0] = 0; + m->sz[1] = 0; + A = 0x6a09e667; + B = 0xbb67ae85; + C = 0x3c6ef372; + D = 0xa54ff53a; + E = 0x510e527f; + F = 0x9b05688c; + G = 0x1f83d9ab; + H = 0x5be0cd19; +} + +static void +calc (SHA256_CTX *m, uint32_t *in) +{ + uint32_t AA, BB, CC, DD, EE, FF, GG, HH; + uint32_t data[64]; + int i; + + AA = A; + BB = B; + CC = C; + DD = D; + EE = E; + FF = F; + GG = G; + HH = H; + + for (i = 0; i < 16; ++i) + 
data[i] = in[i]; + for (i = 16; i < 64; ++i) + data[i] = sigma1(data[i-2]) + data[i-7] + + sigma0(data[i-15]) + data[i - 16]; + + for (i = 0; i < 64; i++) { + uint32_t T1, T2; + + T1 = HH + Sigma1(EE) + Ch(EE, FF, GG) + constant_256[i] + data[i]; + T2 = Sigma0(AA) + Maj(AA,BB,CC); + + HH = GG; + GG = FF; + FF = EE; + EE = DD + T1; + DD = CC; + CC = BB; + BB = AA; + AA = T1 + T2; + } + + A += AA; + B += BB; + C += CC; + D += DD; + E += EE; + F += FF; + G += GG; + H += HH; +} + +/* + * From `Performance analysis of MD5' by Joseph D. Touch <touch@isi.edu> + */ + +#if !defined(WORDS_BIGENDIAN) || defined(_CRAY) +static inline uint32_t +swap_uint32_t (uint32_t t) +{ + uint32_t temp1, temp2; + + temp1 = cshift(t, 16); + temp2 = temp1 >> 8; + temp1 &= 0x00ff00ff; + temp2 &= 0x00ff00ff; + temp1 <<= 8; + return temp1 | temp2; +} +#endif + +struct x32{ + unsigned int a:32; + unsigned int b:32; +}; + +void +SHA256_Update (SHA256_CTX *m, const void *v, size_t len) +{ + const unsigned char *p = v; + size_t old_sz = m->sz[0]; + size_t offset; + + m->sz[0] += len * 8; + if (m->sz[0] < old_sz) + ++m->sz[1]; + offset = (old_sz / 8) % 64; + while(len > 0){ + size_t l = min(len, 64 - offset); + memcpy(m->save + offset, p, l); + offset += l; + p += l; + len -= l; + if(offset == 64){ +#if !defined(WORDS_BIGENDIAN) || defined(_CRAY) + int i; + uint32_t current[16]; + struct x32 *u = (struct x32*)m->save; + for(i = 0; i < 8; i++){ + current[2*i+0] = swap_uint32_t(u[i].a); + current[2*i+1] = swap_uint32_t(u[i].b); + } + calc(m, current); +#else + calc(m, (uint32_t*)m->save); +#endif + offset = 0; + } + } +} + +void +SHA256_Final (void *res, SHA256_CTX *m) +{ + unsigned char zeros[72]; + unsigned offset = (m->sz[0] / 8) % 64; + unsigned int dstart = (120 - offset - 1) % 64 + 1; + + *zeros = 0x80; + memset (zeros + 1, 0, sizeof(zeros) - 1); + zeros[dstart+7] = (m->sz[0] >> 0) & 0xff; + zeros[dstart+6] = (m->sz[0] >> 8) & 0xff; + zeros[dstart+5] = (m->sz[0] >> 16) & 0xff; + zeros[dstart+4] = 
(m->sz[0] >> 24) & 0xff; + zeros[dstart+3] = (m->sz[1] >> 0) & 0xff; + zeros[dstart+2] = (m->sz[1] >> 8) & 0xff; + zeros[dstart+1] = (m->sz[1] >> 16) & 0xff; + zeros[dstart+0] = (m->sz[1] >> 24) & 0xff; + SHA256_Update (m, zeros, dstart + 8); + { + int i; + unsigned char *r = (unsigned char*)res; + + for (i = 0; i < 8; ++i) { + r[4*i+3] = m->counter[i] & 0xFF; + r[4*i+2] = (m->counter[i] >> 8) & 0xFF; + r[4*i+1] = (m->counter[i] >> 16) & 0xFF; + r[4*i] = (m->counter[i] >> 24) & 0xFF; + } + } +} diff --git a/source4/lib/crypto/sha256.h b/source4/lib/crypto/sha256.h new file mode 100644 index 0000000000..4a5f2cbe94 --- /dev/null +++ b/source4/lib/crypto/sha256.h 
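Review bot: SHA256_Update tracks the message length with `m->sz[0] += len * 8;` plus a single carry into `m->sz[1]`, but `sz` is `unsigned int[2]`. For any one call with `len` of 2^29 bytes or more, the bits of `len * 8` above the low 32 are dropped, and SHA256_Final encodes the wrong length in the padding. The digest then silently differs from the standard SHA-256 value instead of failing. Keep the existing carry test and add the high part explicitly: `m->sz[0] += (unsigned int)(len << 3);` followed, after the carry check, by `m->sz[1] += (unsigned int)(len >> 29);`. Whether any caller passes buffers that large in one call is not visible from this diff.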
@@ -0,0 +1,91 @@ +/* + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: sha.h 17450 2006-05-05 11:11:43Z lha $ */ + +#ifndef HEIM_SHA_H +/* + based on heildal lib/hcrypto/sha.h. Copied to lib/crypto to avoid a link + problem. 
Hopefully will be removed once we solve this link problem + + (tridge) + */ +#define HEIM_SHA_H 1 + +#if 0 +/* symbol renaming */ +#define SHA1_Init hc_SHA1_Init +#define SHA1_Update hc_SHA1_Update +#define SHA1_Final hc_SHA1_Final +#define SHA256_Init hc_SHA256_Init +#define SHA256_Update hc_SHA256_Update +#define SHA256_Final hc_SHA256_Final +#endif + +/* + * SHA-1 + */ + +#define SHA_DIGEST_LENGTH 20 + +struct sha { + unsigned int sz[2]; + uint32_t counter[5]; + unsigned char save[64]; +}; + +typedef struct sha SHA_CTX; + +void SHA1_Init (struct sha *m); +void SHA1_Update (struct sha *m, const void *v, size_t len); +void SHA1_Final (void *res, struct sha *m); + +/* + * SHA-2 256 + */ + +#define SHA256_DIGEST_LENGTH 32 + +struct hc_sha256state { + unsigned int sz[2]; + uint32_t counter[8]; + unsigned char save[64]; +}; + +typedef struct hc_sha256state SHA256_CTX; + +void SHA256_Init (SHA256_CTX *); +void SHA256_Update (SHA256_CTX *, const void *, size_t); +void SHA256_Final (void *, SHA256_CTX *); + +#endif /* HEIM_SHA_H */ |
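Review bot: The SHA-1 section (`struct sha`, `SHA_CTX`, `SHA1_Init` / `SHA1_Update` / `SHA1_Final`) is declared here, but this commit deletes sha1.c and the new sha256.c defines only the SHA256_* functions, so none of the lib/crypto files shown implements those prototypes. A caller that uses them will either fail at link time or, if another linked library exports the same names, bind to that implementation unnoticed. Either drop the SHA-1 block from this copy or mark it, for example `/* SHA-1 is not provided by lib/crypto; declarations kept only for parity with heimdal sha.h */`. Because the guard reuses `HEIM_SHA_H` and the symbol renaming is under `#if 0`, this header and Heimdal's own sha.h exclude each other within a translation unit, which the header comment should state.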